<?php

    include('lib/fortissimo.php');
    include('lib/markdown/markdown.php');

    $mode = $_GET['mode'];
    $access = $_GET['access'];
    $pgid = $_GET['pgid'];
    $posted = $_POST['posted'];

    if ($mode && ! $remote) {
        return $ft->errorpage('You must be logged in to perform actions.');
    }
    if ($mode && ($mode != "add" && $mode != "edit" && $mode != "delete")) {
        return $ft->errorpage("Invalid mode.");
    }

    # if an action, let's give them the right page
    if ($mode) {
        if ($pgid && $pgid > 0) {
            $page = get_custom_page($pgid);

            if ($page->access == "public" && ! $remote->manager()) {
                return $ft->errorpage("You can't mess with this page.");
            } elseif ($page->access == "alliance" && ! ( $remote->ceo() && 
                        get_corp_allianceid($remote->corpid()) == get_corp_allianceid($page->corpid) ) ) {
                return $ft->errorpage("You can't mess with this page.");
            } elseif ($page->access == "corp" && ! ( $remote->director() && $remote->corpid() == $page->corpid ) ) {
                return $ft->errorpage("You can't mess with this page.");
            }

            $ft->assign('page', $page);
        } else {
            $ft->assign('page', null);
        }

        if ($posted) {
            # do something amazing!
            if ($mode == "delete") {
                delete_custom_page($pgid);
                return $ft->messagepage("Custom page deleted successfully.");
            }
                
            # adds and edits use almost the same data
            $linkname = $_POST['linkname'];
            $longname = $_POST['longname'];
            $content = $_POST['content'];
            if ($linkname == "" || $longname == "" || $content == "") {
                return $ft->errorpage("You must fill in all available fields.");
            }

            # ensure they have the right access...
            if ($access == "public" && ! $remote->manager()) {
                return $ft->errorpage("You can't set that access level.");
            } elseif ($access == "alliance" && ! $remote->ceo()) {
                return $ft->errorpage("You can't set that access level.");
            } elseif ($access == "corp" && ! $remote->director()) {
                return $ft->errorpage("You can't set that access level.");
            }

            # now an add...
            if ($mode == "add") {
                $pgid = add_custom_page($remote->corpid(), $linkname, $longname, $content, $access);
            } elseif ($mode == "edit") {
                edit_custom_page($pgid, $linkname, $longname, $content);
            }
            return $ft->redirect("$_WEB_URL/custom_page.php?pgid=$pgid");
        }

        $ft->title('Custom Page Administration');
        $ft->assign('mode', $mode);
        $ft->assign('access', $access);
        $ft->makepage('admin_custom_page');
        return;
    }

    # if they just want a page, get it
    if ($pgid && $pgid > 0) {
        $page = get_custom_page($pgid);

        if ($page->access == 'alliance') {
            if (get_corp_allianceid($page->corpid) != get_corp_allianceid($remote->corpid())) {
                return $ft->errorpage('You do not have the proper access for that page.');
            }
        } elseif ($page->access == 'corp') {
            if ($page->corpid != $remote->corpid()) {
                return $ft->errorpage('You do not have the proper access for that page.');
            }
        }

        $ft->title($page->longname);

        $content = Markdown($page->content);
        $ft->assign('page_content', $content);

        $can_edit = 0;
        if ($remote) {
            if ($page->access == "public" && $remote->manager()) {
                $can_edit = 1;
            } elseif ($page->access == "alliance" && $remote->ceo()) {
                $can_edit = 1;
            } elseif ($page->access == "corp" && $remote->director()) {
                $can_edit = 1;
            }
        }

        $ft->assign('page', $page);
        $ft->assign('can_edit', $can_edit);
        $ft->makepage('display_custom_page');
        return;
    }

    return $ft->errorpage('You did something invalid.  Sorry.');

?>
